Malnets 'pose major threat to web security'

Dubai, March 11, 2012

The most significant development in the Internet security landscape last year was the use of malware networks, or malnets, to launch highly dynamic Web-based attacks, a report said.

These complex infrastructures, which outlast any one attack, drove a 240 per cent increase in the number of malicious sites during the year and are expected to launch as many as two-thirds of all new attacks in 2012, said the Web Security Report issued by Blue Coat Systems, a technology leader in Web security and WAN optimization solutions.

The Blue Coat Security Labs team first discovered the existence of these malicious networks early in 2011 and presently is the only company to specifically identify, track and block them, said a statement.

Malnets are distributed network infrastructures within the Internet that are built, managed and maintained by cybercriminals for the purpose of launching a variety of attacks against unsuspecting users over extended periods of time. The end game for malnets typically is either stealing personal information or transforming end-user systems into botnets, it said.

The Blue Coat 2012 Web Security Report details the strategies and tactics that malnet operators deploy to snare users and funnel them to dynamic malware payloads, or software which surreptitiously installs on users computers designed for malicious or criminal purposes.

"In 2011, the ease of buying, customizing and deploying malicious software kits, coupled with a faster rotation through domain names, drove a 240 per cent increase in malicious sites," said Chris Larsen, senior malware researcher, Blue Coat Systems. “With the average business now facing 5,000 threats per month, identifying and tracking malnets to block attacks at the source before they are launched is the most effective protection. Blue Coat uniquely provides protection from malnet-launched attacks even before they happen.”

According to the report, the most common entry point into these malicious infrastructures rely on the path of least resistance, utilizing entry points that are easy to exploit, such as search engines/portals and email, or are utilised by large, diverse populations of users. Malnets have become so effective at launching attacks through search engines/portals that one in 142 searches leads to malicious links, the statement said. – TradeArabia News Service